Pi-Hole/FTL
1
0
Fork 0
mirror of https://github.com/pi-hole/FTL.git synced 2025-12-20 07:28:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2465 from nathansmeal/development

Browse Source 
Adjust write_to_file function to include the CA certificate
This commit is contained in:
Dominik
2025-05-24 08:58:25 +02:00
committed by GitHub
parent 8bec7efc38 79bb138af8
commit 49aa55e9c2
1 changed files with 16 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/webserver/x509.c
View File

@@ -188,7 +188,7 @@ static int generate_private_key_ec(mbedtls_pk_context *key,
}
// Write a key and/or certificate to a file
static bool write_to_file(const char *filename, const char *type, const char *suffix, const char *cert, const char *key)
static bool write_to_file(const char *filename, const char *type, const char *suffix, const char *cert, const char *key, const char *cacert)
{
// Create file with CA certificate only
char *targetname = calloc(strlen(filename) + (suffix != NULL ? strlen(suffix) : 0) + 1, sizeof(char));
@@ -241,6 +241,18 @@ static bool write_to_file(const char *filename, const char *type, const char *su
}
}
// Write CA certificate (if provided)
if(cacert != NULL)
{
const size_t olen = strlen((char *) cacert);
if (fwrite(cacert, 1, olen, f) != olen)
{
printf("ERROR: Could not write CA certificate to %s\n", targetname);
fclose(f);
return false;
}
}
// Close cert file
fclose(f);
free(targetname);
@@ -420,13 +432,13 @@ bool generate_certificate(const char* certfile, bool rsa, const char *domain)
}
// Create file with CA certificate only
write_to_file(certfile, "CA certificate", "_ca.crt", (char*)ca_buffer, NULL);
write_to_file(certfile, "CA certificate", "_ca.crt", (char*)ca_buffer, NULL, NULL);
// Create file with server certificate only
write_to_file(certfile, "server certificate", ".crt", (char*)cert_buffer, NULL);
write_to_file(certfile, "server certificate", ".crt", (char*)cert_buffer, NULL, NULL);
// Write server's private key and certificate to file
write_to_file(certfile, "server key + certificate", NULL, (char*)cert_buffer, (char*)key_buffer);
write_to_file(certfile, "server key + certificate", NULL, (char*)cert_buffer, (char*)key_buffer, (char*)ca_buffer);
// Free resources
mbedtls_x509write_crt_free(&ca_cert);